gcp-dataprep-bigquery-twitter-stream icon indicating copy to clipboard operation
gcp-dataprep-bigquery-twitter-stream copied to clipboard

Published 20 hours ago verified publisher icon jeremylorino

[Snyk] Fix for 1 vulnerabilities

Open jeremylorino opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 758/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3		 Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @google-cloud/pubsub The new version differs by 91 commits.
  • 8dde3c4 fix: System tests were using get() incorrectly. (#251)
  • fb07bc3 Update CI config (#249)
  • c33b3fd Retry npm install in CI (#241)
  • 0db53bf fix(deps): update dependency delay to v4 (#239)
  • 30ac556 Re-generate library using /synth.py (#236)
  • c9e277f fix: (sample tests): Validate short names. (#235)
  • 8d6c1c1 fix: Return error if subscription name already exists. (#226)
  • 4cf8b9b fix: (tests) Provide projectId to PubSub constructor. (#221)
  • 6efe142 Release nodejs-pubsub v0.20.0 (#230)
  • fdb0aa8 fix docs (#229)
  • b8033ee fix(deps): update dependency google-auth-library to v2 (#228)
  • 893a577 Re-generate library using /synth.py (#227)
  • 9eba9da chore(deps): update dependency nyc to v13 (#225)
  • 257b9d8 Update the CI config (#220)
  • cb0d3d5 test: fix import sample failures (#218)
  • 76d9926 fix(deps): update dependency google-gax to ^0.19.0 (#216)
  • 5792339 chore: make the CircleCI config consistent
  • afb5dc4 chore: use arrow functions (#215)
  • 38d874d chore(deps): update dependency eslint-config-prettier to v3 (#213)
  • cbd1f0d chore: convert to es classes (#211)
  • 5d19454 chore: drop dependency on @ google-cloud/common (#210)
  • f4fd0b1 chore: do not use npm ci (#209)
  • e7221e7 chore: use let and const (#204)
  • 79e7480 chore: ignore package-lock.json (#207)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Input Validation

jeremylorino avatar Jan 01 '24 17:01 jeremylorino